2
0
mirror of https://github.com/mozilla/cipherscan.git synced 2024-11-25 23:43:42 +01:00

parsing of signature algorithm and key size

add parsing of signature algorithm and key size from the individual
results, report summary
This commit is contained in:
Hubert Kario 2014-04-04 20:18:36 +02:00
parent b6b9a1a364
commit 863441a179

View File

@ -13,6 +13,8 @@ cipherstats = defaultdict(int)
pfsstats = defaultdict(int) pfsstats = defaultdict(int)
protocolstats = defaultdict(int) protocolstats = defaultdict(int)
handshakestats = defaultdict(int) handshakestats = defaultdict(int)
keysize = defaultdict(int)
sigalg = defaultdict(int)
total = 0 total = 0
for r,d,flist in os.walk(path): for r,d,flist in os.walk(path):
@ -20,6 +22,10 @@ for r,d,flist in os.walk(path):
""" initialize variables for stats of the current site """ """ initialize variables for stats of the current site """
temppfsstats = {} temppfsstats = {}
tempkeystats = {}
tempecckeystats = {}
tempdsakeystats = {}
tempsigstats = {}
ciphertypes = 0 ciphertypes = 0
AESGCM = False AESGCM = False
AES = False AES = False
@ -87,6 +93,17 @@ for r,d,flist in os.walk(path):
DHE = True DHE = True
temppfsstats[entry['pfs']] = 1 temppfsstats[entry['pfs']] = 1
""" save the key size """
if 'ECDSA' in entry['cipher']:
tempecckeystats[entry['pubkey'][0]] = 1
elif 'DSS' in entry['cipher']:
tempdsakeystats[entry['pubkey'][0]] = 1
else:
tempkeystats[entry['pubkey'][0]] = 1
""" save key signatures size """
tempsigstats[entry['sigalg'][0]] = 1
""" store the versions of TLS supported """ """ store the versions of TLS supported """
for protocol in entry['protocols']: for protocol in entry['protocols']:
if protocol == 'SSLv2': if protocol == 'SSLv2':
@ -109,6 +126,16 @@ for r,d,flist in os.walk(path):
for s in temppfsstats: for s in temppfsstats:
pfsstats[s] += 1 pfsstats[s] += 1
for s in tempkeystats:
keysize['RSA ' + s] += 1
for s in tempecckeystats:
keysize['ECDSA ' + s] += 1
for s in tempdsakeystats:
keysize['DSA ' + s] += 1
for s in tempsigstats:
sigalg[s] += 1
""" store cipher stats """ """ store cipher stats """
if AESGCM: if AESGCM:
cipherstats['AES-GCM'] += 1 cipherstats['AES-GCM'] += 1
@ -192,6 +219,18 @@ for stat in sorted(pfsstats):
pfspercent = round(pfsstats[stat] / handshakestats['DHE'] * 100, 4) pfspercent = round(pfsstats[stat] / handshakestats['DHE'] * 100, 4)
sys.stdout.write(stat.ljust(25) + " " + str(pfsstats[stat]).ljust(10) + str(percent).ljust(9) + str(pfspercent) + "\n") sys.stdout.write(stat.ljust(25) + " " + str(pfsstats[stat]).ljust(10) + str(percent).ljust(9) + str(pfspercent) + "\n")
print("\nCertificate sig alg Count Percent ")
print("-------------------------+---------+--------")
for stat in sorted(sigalg):
percent = round(sigalg[stat] / total * 100, 4)
sys.stdout.write(stat.ljust(25) + " " + str(sigalg[stat]).ljust(10) + str(percent).ljust(9) + "\n")
print("\nCertificate key size Count Percent ")
print("-------------------------+---------+--------")
for stat in sorted(keysize):
percent = round(keysize[stat] / total * 100, 4)
sys.stdout.write(stat.ljust(25) + " " + str(keysize[stat]).ljust(10) + str(percent).ljust(9) + "\n")
print("\nSupported Protocols Count Percent") print("\nSupported Protocols Count Percent")
print("-------------------------+---------+-------") print("-------------------------+---------+-------")
for stat in sorted(protocolstats): for stat in sorted(protocolstats):